package com.hnxxxy.system.Shiro;

import com.hnxxxy.mapper.UserOperationMapper;
import com.hnxxxy.pojo.Jurisdiction;
import com.hnxxxy.pojo.Role;
import com.hnxxxy.pojo.User_login;
import com.hnxxxy.utils.Communal;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

/**
 * @author：张浩东
 * @Phone：15096207164
 * @QQ：1367048164
 * @E-mail：1367048164@qq.com
 * @date:2020-05-03 19:56
 */
public class UserRealm extends AuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger(UserRealm.class);

    /**
     * 共用类，本类用于储存username
     */
    @Autowired
    Communal communal;

    @Autowired
    UserOperationMapper userOperationMapper;

    @Override
    public boolean supports(AuthenticationToken token) {
        if (token instanceof UsernamePasswordToken) {
            return true;
        }
        return false;
    }

    /**
     * 此方法只会去判断用户名是否为空
     * <p>
     * 判断密码在shiro自己内部会去判断，这里只会在返回SimpleAuthenticationInfo提供密码判断时需要的
     * stu_user：用户
     * stu_user.getS_password()：数据库密码
     * salt：盐
     * this.getName()：本realm的类名
     */

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token1) throws AuthenticationException {
        // 判断用户名  token中的用户信息是登录时候传进来的
        UsernamePasswordToken token = (UsernamePasswordToken) token1;
        //查询user_login并且写入缓存
        User_login user_login = userOperationMapper.queryUserLogin(token.getUsername());

        if (user_login == null) {
            log.info("user_login == null");
            throw new UnknownAccountException();
        }
        //2.判断密码在shiro自己内部会去判断
        ByteSource salt = ByteSource.Util.bytes(user_login.getSalt());

        return new SimpleAuthenticationInfo(user_login, user_login.getPassword(), salt, this.getName());
    }

    /**
     * 此方法用于进行设置权限和角色
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //给资源进行授权
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //获取subject
        Subject subject = SecurityUtils.getSubject();
        //获取user
        User_login user = (User_login) subject.getPrincipal();

        //设置Rolekey
        List<Role> rolesList = userOperationMapper.queryUserRole(user.getUsername());

        //获得权限
        List<Jurisdiction> jurList = userOperationMapper.queryUserJur(user.getUsername());

        for (Role r : rolesList) {
            //放入角色
            info.addRole(r.getRole());
        }
        for (Jurisdiction jurisdiction : jurList) {
            //放入权限
            info.addStringPermission(jurisdiction.getJurisdiction());
        }
        return info;
    }


}
